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IN THE CLAIMS 

Amend the claims as indicated below. 



1 1. (Previously presented) A method comprising: 

2 receiving user information from a user, wherein the user information comprises 

3 identification information and account access infonnation; 

4 accessing a user account using the received user inforrnation; 

5 obtaining user information from third parties using the received user 

6 information; and 

7 authenticating the user's ability to access the account based on the obtained 

8 infonnation, wherdn authenticatuig comprises verifying the user's identity by 

9 comparing user information received with user informadon obtained, 

1 2. (Originally presented) A method as recited in claim 1 further 

2 comprising determining a risk associated with the user. 

1 3. (Previously presented) A method as recited m claim 1 wherein 

2 obtaining user infonnation from third parties comprises harvesting data ftom a web 

3 page accessed using the received user infonnation. 

J 4. (Previously presented) A method as recited in claim 1 wherein the third 

2 parties comprise a credit reporting service and a department of tnotor vehicles. 

1 5 . (Originally presented) A method as recited in claim 1 further 

2 comprising handling financial transactions initiated by the user and associated with the 

3 account. 
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1 6, (Originally presented) A method as recited in claim 1 further 

2 comprising handling financial transactions initiated by the user and associated wi|h the 

3 account if the user's ability to access the account is authenticated. 

1 7. (Previously presented) A method as recited in claim 1 wherein 

2 authenticating the user's ability to access the account includes comprises verifying one 

3 or more of the user's social security number, name» address, phone number^ date of 

4 birth, and driver's license number. 

1 8, (Previously picesented) A method as recited in claim 1 wherein 

2 authenticating the user's ability to access the account comprises presenting the user 

3 with a challenge question to be answered by the user- 

1 9. (Originally presented) A method as recited in claim 1 further 

2 comprising initiating a trial deposit into the account to further authenticate the user's 

3 ability to access the account 

1 10. (Originally presented) A method as recited in claim 1 wherein the 

2 accoiuxt is a financial account. 

1 1 L (Previously presented) A method as recited in claim 1 0 further 

2 comprising requesting a cancelled check associated with the financial account to 

3 further authenticate the xiser's ability to access the financial account, and comparing 

4 information on the cancelled check wth information obtained from third-party sources. 

1 12. (Originally presented) One or more computer-readable memories 

2 containing a computer program that is executable by a processor to perform the method 

3 recited in claim 1. 
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1 13. (Previously presented) A method comprising: 

2 receiving financial account access informatioti from a user regarding a user 

3 account at a financial institution; 

4 obtaining information regarding the financial account from a financial data 

5 source; and 

6 authenticating the user's ability to access tlie financial account based on the 

7 obtained information, comprising comparing the information received fi^m the user to 

8 the information obtained from the financial data source, wherein the financial data 

9 source is a third party separate from the financial institution. 

1 14. (Originally presented) A method as recited in claim 13 further 

2 comprising determining a risk associated mth the user. 

1 15. (Previously presented) A method as recited in claim 13 further 

2 comprising verifyii^ a user identity based on information provided by the user» 

3 wherein verifying comprises comparing information received firom the user with 

4 information obtained from a third party. 

1 16. (Previously presented) A method as recited in claim 13 further 

2 comprising verifying a user identity based on information obtained from a third-party 

3 source comprising a credit reporting service. 

1 17. (Originally presented) A method as recited in claim 13 further 

2 comprising handling financial transactions initiated by the user and associated with the 

3 financial account. 

1 18, (Originally presented) A method as recited in cleim 1 3 further 

2 comprising handling financial transactions initiated by the user and associated with the 

3 financial account if the user's ability to access the financial account is authenticated. 
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1 1 9. (Previously presented) A method a$ recited in claim 1 3 wherein 

2 authenticattng the user's ability to access the financial account comprises verijfying one 

3 or more of the user's social security number, name, address, phone number, date of 

4 birth, and driver^s license number. 

1 20. (Previously presented) A method as recited in claim 13 wherein 

2 authenticating the user's ability to access the financial account comprises presenting 

3 the user with a challenge question to be answered by the user. 

1 21. (Originally presented) A method as recited in claim 1 3 further 

2 comprising initiating a trial transfer to further authenticate the user's ability to access 

3 the financial accoimt, 

1 22. (Originally presented) A method as recited in claim 13 further 

2 comprising requesting a cancelled check associated with the financial account to 

3 further authenticate the user's ability to access the financial account. 

1 23. (Originally presented) One or more computer-readable memories 

2 containing a computer program that is executable by a processor to perform the method 

3 recited in claim 13- 

1 24. (Withdrawn) A method ofautbenticatingauser's ability to access a 

2 financial account, the method comprising: 

3 making a first transfer associated with the financial account, wherein the first 

4 transfer is executed by a financial management system coupled between a user 

5 computer and a plurality of financial institutions; 

6 requesting the user to identify the amount of the first transfer; 

7 confirmmg the us^'s ability to access the financial account if the user correctly 

8 identifies the amount of the first transfei^ and 



Sof17 



PAGE 5(17'RCVDATSf13l200711:48:22 AM [Eastern Day^^^^ 



08/13/2007 07:48 14083421909 



CS6 IP LAW 



PAGE 06/17 



Atty. Docket No.: CSHE.P004 Patent 



9 denying the user's ability to access the financial account if the user does not 

1 0 correctly identify the amount of the first transfer. 

1 25. (Withdrawn) A method as recited m claim 24 wherein the first transfer 

2 is a credit transfer 

1 26. (Withdrawn) A method as recited in claim 24 wherein the first transfer 

2 is a debit transfer. 

1 27. (Withdrawn) A method as recited in claim 24 further comprising 

2 making a second transfer associated with the financial accotmt and requesting the user 

3 to identify the amount of the second transfer. 

1 28. (Withdrawn) A method as recited in claim 27 further comprising 

2 confirming the us^'s ability to access the financial account if the user correctly 

3 identifies the amount of the first transfer and the amount of the second transfer. 

1 29. (Withdrawn) A method as recited in claim 27 further comprising 

2 hai:vesting data firom a web page associated with the financial account and 

3 authenticating the user's ability to access the financial account based on data harvested 

4 from the web page associatEd with the financial account* 

1 30. (Withdrawn) A method as recited in claim 27 further comprising 

2 retrieving data from a financial data server associated with the financial account and 

3 authenticating the user's ability to access the financial account based on data retrieved 

4 from the financial data server associated with the financial account 

1 31. (Withdrawn) A computer implemented metliod comprising: 

2 receiving account access information from a user; 
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3 receiving user identification infonnation from the user; 

4 obtaining information regarding the account, comprising obtaining infonnation 

5 j&om a tliird party source using the account access infonnation received from the user: 

6 comparing the infonnation obtained regarding the account with the 

7 identification infonnation received from the user; and 

S authorizing the user to access the account if the infonnation obtained regarding 

9 the account matches the identification infonnation received from the user. 

1 32. (Witlidrawn) The method of claim 31 wherein the user identification 

2 information includes the user's name. 

1 33 . (Withdrawn) The method of claim 3 1 wherein the user identification 

2 infonnation includes the user's mailing address, name, phone number, date of birth and 

3 driver' s license number. 

1 34. (Withdrawn) The method of claim 3 1 wherein the user identification 

2 information includes the user's email address. 

1 . 35- (Withdrawn) The method of claim 3 1 fiirther comprising preventing the 

2 user from accessing the account if the infonnation obtained regarding the account does 

3 not match the identification information received from the user. 

1 36. (Withdrawn) The method of claim 3 1 wherein obtaining information 

2 regarding the account includes obtaining information from a financial data source. 

1 37. (Withdrawn) The method of claim 3 1 wherein obtaining information 

2 regarding the account includes harvesting data fxom a web page associated with the 

3 account 
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1 38. (Witihidrawn) The method of claim 3 1 wherein the account i$ a financial 

2 account providing online user access. 

1 39. (Withdrawn) A method comprising: 

2 a financial management system receiving account mformation from a user, 

3 wherein the account can be accessed via an online connection, wherein the financial 

4 management system is coupled among a user device and a plxnaJity of financial 

5 institutions via a network; 

6 the financial management system receiving user identification information from 

7 the user; 

8 tlie financial management system obtaining information regarding the account 

9 via an online connection^ wherein the information is obtained from one or more 

10 sources via the network; 

1 1 the financial management system comparing the information obtained 

12 regarding the account with the identification information received fi'om the user; and 

13 the financial management system authorizing the user to execute actions with 

14 respect to the account if the information obtained regarding the account matches the 

1 5 identification information received from the user. 

1 40. (Withdrawn) Thcmethodof claim 39 wherein the user identification 

2 information includes the user's name. 

1 4L (Withdrawn) The method ofclaim 39 wherein the user identification 

2 information includes the user's account number, 

1 42. (Withdrawn) The method ofclaim 39 wherein the user identification 

2 information includes the user's mailing address. 
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1 43 , (Withdrawn) The method of claim 39 further comprisii^ preventing the 

2 user from executing actions with respect to the account if the information obtained 

3 regarding the account does not match the identification information received from the 

4 user, 

1 44. (Withdrawn) The method of claim 39 wherein obtaining information 

2 regarding the account includes harvesting data from a web page associated with the 

3 account 

1 45, (Withdrawn) A user authentication method for allowing the user access 

2 to a user account at one of a plurality of financial institutiotis, the method comprising: 

3 a third-party financial management system collecting user information; 

4 the third-party financial management system collecting user financial account 

5 information, wherein the third-p^irty financial management system is coupled among 

6 the user and the plurality of financial institutions via at least one network; 

7 the third-party financial managraient system collecting infomiation about the 

8 plurality of financial institutions; 

9 defining a set of authentication rules to authenticate the user; 

10 the tbiixi-party financial management system receiving a request from the user 

11 to access a user account, wherein the request includes authentication information from 

12 the user; 

13 the third-party financial management system applying the authentication rules 

14 to determine whether to authenticate the user; 

1 5 when the user is successfully authenticated, retrieving risk information related 

16 to the user, wherein risk information comprises historical data related to user 

17 transactions; 

1 8 when the user is successfully authenticated, the third-party financial 

1 9 management system determining whether to allow access to the user account, wherein 
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20 access includes the third-party financial management system executing a requested 

2 1 transaction on behalf of the user. 

1 46, (Withdrawn) The method of claim 45, wherein risk information further 

2 comprises: 

3 average balances of user accounts; 

4 movement offtmds.between user accounts; and 

,5 success rates of transactions requested involving user accounts. 

1 47, (Withdrawn) The method of claim 45, wherein risk information further 

2 comprises: 

3 previous transaction history; 

4 previous session histoty, including duration of account access; 

5 accotmt set-up history; 

6 time elapsed since last transaction; 

7 tune elapsed since account added; 

8 affiliations of an account with other users; 

9 comparison of a geographic locaUon of the request and geographic locations of 

10 previous requests, including determining distance between geographic locations, times 

1 1 of transactions executed from particular geographic locations, and types of connections 

1 2 used at particular geographic locations. 

1 48. (Withdrawn) Themethodofclaim45, wherein determining whether to 

2 allow access to the user account comprises allowing conditional access to the user 

3 account, comprising imposing conditions including: 

4 changing a dollar amount limit on a transaction; 

5 changing a settlement period for a transaction; and 

6 requiring additional authentication procedures. 



lOof 17 

PAGE10/17'RCVDAT8/131200711:4g:22 AM [Eastern Dayip 



08/13/2087 07:48 14083421909 CSG IP LAW PAGE 11/17 

Atty. Docket No.: CSHE.P004 Patent 



1 49. (Withdrawn) The method of claim 45, ftirther comprising updating the 

2 risk information based on requested user transactions and updated user information. 

1 50. (Withdrawn) The method of claim 45, wherein the thi rd-party financial 

2 management system collects user financial account information Sxom the plurality of 

3 financial institutions. 

1 51. (Withdrawn) The method of claim 45 , wherein the user information is 



2 collected in one or more manners selected from a group comprising, collecting directly 

3 from the user, collecting from an agency that holds user information, collecting from 

4 one of the plurality of financial institutions, and screcn-scraping the user information 

5 via one of the at least one networks. 



1 52- (Withdrawn) A financial management system, comprising: 

2 a communication interface through which the financial management system 

3 communicates via at least one network with a plurality of financial institutions and 

4 with a user device; 

5 a transaction execution module configurable to execute user-requested 

6 transactions with the plurality of financial institutions on behalf of the user» and 

7 an authentication and risk analysis module configured to collect risk 

8 information comprising historical data related to user-requested transactions* and 

9 further configured to authenticate the user when the user requests a transaction. 

1 53. (Withdrawn) The system of claim 52, wherein the authentication and 

2 risk analysis module is further configured to define a set of authentication rules to 

3 authenticate the user, and wherein authenticating the user comprises applying the 

4 authentication rules to determine whether to authenticate the user. 
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1 54- (Withdrawn) The system of claim 53, wherein application of the 

2 authentication rules results in one or more of Initiation of an additional authentication 

3 process and issuance of a one-time useable password* 

1 55. (Withdrawn) The system of claim 53, wherein risk information further 

2 comprises: 

3 average balances of user accounts; 

4 movement of funds between user accounts; and 

5 success rates of transactions requested involving user accounts. 

1 56. (Withdrawn) The system of 55, wherein the risk information further 

2 comprises: 

3 previous transaction history; 

4 previous session histoiy» includii^ duration of account access; 

5 account set-up history; 

6 time elapsed since last transaction; 

7 time elapsed since account added; 

8 affiliations of an account with other users; 

9 comparison of a geographic location of the request and geographic locations of 

1 0 previous requests, including determining distance between geographic locations, times 

1 1 of transactions executed from particvJar geographic locations, and types of connections 

12 used at particular geographic locations. 

1 57. (Withdrawn) The system of claim 53, ^^erem determining whether to 

2 authenticate the user comprises conditionally authenticating the user, comprising 

3 imposing conditions on the transaction, including: 

4 changing a dollar amount limit on the transaction; 

5 changing a settlement period for the transaction; 

6 requiring additional authentication procedures; and 
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7 rerouting the transaction through another channeL 

1 58. (Withdrawn) The system of claim 52, ftirther comprising updating the 

2 risk infonnation based on requested user transactions and updated user information. 

1 59- (Withdravm) The system of claim 52, wherein the authentication and 

2 risk analysis module collects user financial, account information firom the plurality of 

3 financial institutions. 

1 60. (Withdrawn) The system ofclaim 52, wherein the authentication and 



2 risk analysis module collects the user information in one or more manners selected 

3 from a group comprising^ collecting directly fi-om the user, collecting from an agency 

4 that holds user informatiouj collecting from one of the plurality of financial 

5 institutions, and screen-screwing the user information via one of the at least one 

6 networks. 



1 61 . (Withdrawn) The system of claim 52, wherein executing the user- 

2 requested transaction comprises: 

3 in a first part of fhe transaction, the financial management system e?cecuting a 

4 transaction wiA a fixst financial institution; 

5 the financial management system holding the funds from the transaction in an 

6 intennediate account owned by the financial management system at a third financial 

7 institution; and 

S in a second part of the transaction, the financial management system executing 

9 a transaction with a second financial institution to deposit the £unds in an account at the 

1 0 second financial institution. 

1 62. (Withdrawn) TTie system ofclaim 52, \s4ierein the authentication and 

2 risk analysis module comprises; 
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3 an authentication and risk analysis engine; and 

4 a user account information collection module coupled to the authentication and 

5 risk analysis engine, wherein the authentication and risk analysis engine is configurable 

6 to apply authentication rules and to determine a level of risk associate with a user- 

7 requested transaction. 

1 63 (Withdrawn) Thesystemof claim 62, wherein determining the level of 

2 risk includes computing a probability of risk. 

1 64- (Withdrawn) The system of claim 52, wherein the authentication and 

2 risk analysis module further comprises a user an authentication analysis logic module 

3 coupled to the authentication and risk analysis engine, wherein the user authentication 

4 analysis module is configurable to develop authentication rules. 

1 65. (Withdrawn) The system of claim 52, wherein the authentication and 

2 risk analysis module furtlier comprises a risk analysis logic module coupled to the 

3 authentication and risk analysis engine, wherein the risk analysis module is 

4 configurable to analyze risk information. 

1 66. (Withdrawn) The system of claim 52, wherein the authentication and 

2 risk analysis module fiuther comprises a financial institution and market data collection 

3 module coupled to the authentication and risk analysis engine. 

1 67. (Withdrawn) A computer-readable medium having stored thereon 

2 instructions, that when executed, cause a user-authentication method to be performed, 

3 the method comprising: 

4 a third-party financial management system collecting user information; 
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5 the third-party financial man^emcnt system collecting user financial account 

6 information, wherein the third-party financial management system is coupled among 

7 the user and the plurality of financial institutions via at least one network; 

8 the third-party financial management system collecting information about the 

9 plurality of financial institutions; 

1 0 defining a set of authentication rules to authenticate the user; 

11 the third-party financial management system receiving a request from the user 

12 to access a user account, wherein the request includes authentication information from 

13 the user; 

14 the thh-d-party financial management system applying the authentication rules 

1 5 to determine whether to authenticate the user; 

1 6 when the user is successfiilly authenticated, retrieving risk information related 

17 to the user, wherein risk information comprises Wstorical data related to user 

18 transactions; 

1 9 vAen the user is successfiilly authenticated, the third-party financial 

20 management system determining whether to allow access to the user accoimt, wherein 

2 1 access includes the fhird-party financial management system execuling a requested 

22 transaction on hebalf of the user. 

1 68. (Wilhdrawn) The computer-readable medium of claim 67, wherein risk 

2 information fiirther comprises: 

3 average balances of user accounts; 

4 movement of fiinds between user accounts; and 

5 success rates of transactions requested involving user accounts. 

1 69. (Withdrawn) The computer-readable medium of claim 67, wherein 

2 determining whether to allow access to the user account comprises allowing 

3 conditional access to the user account, comprising imposing conditions including: 

4 changing a dollar amount limit on a transaction; 
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5 changing a settlement period for a transaction; 

6 requiring additional authentication procedures; and 

7 rerouting the transaction through another channel 

1 70. (Withdrawn) The computer-readable medium of claim 67, wherein the 

2 method further comprises updating the risk information based on requested user 

3 transactions and updated user information. 

1 71 . (Withdrawn) The computer-readable medium of claim 67, wherein the 

2 third-party financial management system collects user financial account information 

3 from the plurality of financial institutions, 

1 72. (Withdrawn) The computer-readable medium of claim 67, wherein the 

2 user information is collected in one or more manners selected jfrom a group 

3 comprising, collecting directly from the user* collecting from an agency that holds user 

4 infonnation^ collecting from one of the plurality of financial institutions> and screen- 

5 scraping the user information via one .of tiie at least one networks. 
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